Real Time Phishing is Man in the Middle (MitM) attack

October 4, 2016
Real Time Phishing

Real Time Phishing is a Man-in-the-Middle (MitM) attack that allows the criminal to commit real time fraud. Stolen credentials from the phishing site are used to access the internet bank session in real time. Real time phishing allows the criminal to readily bypass banking authentication protocols.

Real time phishing schemes take place over a web session, between the attacker and the victim, and mimic a target website’s look and feel, more so than just an idle or static phishing page. HTML and JavaScript code are used to reproduce the look and feel of the real thing even including a virtual keyboard.

This phishing technique easily compromises the account from the bank’s website to make a transaction in real time, all the while milking more authentication details from the unsuspecting victim.

Cyber criminals are integrating multiple attack methods to defeat the latest security measures such as One Time Password (OTP) Tokens implemented by banks.

MitM – real time phishing may also use other attack components and methods, such as malware, to compromised local DNS and registry files. Real time phishing demonstrates increased sophistication making attacks more believable through real-time data theft. Solutions to real time phishing can be found at

man-in-the-middle-iphone-680x400Traditional or classic phishing steal internet bank credentials that are used for account take over – post attack. Such credentials were traded on the black market and used to defraud the victim and bank well after the attacks – hours or days later. Real time phishing sites dupe the user with a seamless flow of changing screens and messages controlled by the attacker from a remote server.

Banks have protected themselves against phishing with Out-of-Band Authentication. Out-of-band authentication happens away from the user’s browser, via a smartphone, card reader or numeric code chart. These One Time Passwords (OTP) are easily harvested by the criminal. Real time phishing can simply bypass this kind of authentication by grabbing these credentials and completing the transaction requirements.

About the author

Leave a Reply